Model UN Background Guide

Committee: Disarmament and International Security Committee (DISEC/GA1)

Topic: Cyber Norms in Armed Conflict

Conference Year: 2026

1. Topic Background

The increasing reliance on digital infrastructure and the expanding role of cyberspace in modern warfare have brought cyber norms in armed conflict to the forefront of international security discussions. Cyber operations targeting military command and control systems, critical infrastructure, and civilian networks have blurred traditional distinctions between peace and war, combatants and civilians, and physical and virtual battlegrounds. The use of cyber capabilities in armed conflict raises complex legal, ethical, and strategic questions, including how international humanitarian law (IHL) applies to cyberattacks, how to attribute cyber operations to state or non-state actors, and how to prevent escalation from cyber incidents to kinetic warfare.

Historically, cyber operations were considered primarily espionage or sabotage tools during peacetime. However, notable incidents such as the 2007 cyberattacks on Estonia, the Stuxnet operation targeting Iran’s nuclear facilities in 2010, and more recent cyber intrusions in the context of the Russia-Ukraine conflict have demonstrated the potential for cyber operations to influence the outcomes of armed conflicts directly. These developments have pushed the United Nations and its member states to seek clearer norms and rules governing state behavior in cyberspace during armed conflict.

The urgency to address cyber norms in armed conflict has increased due to the rapid technological advances in offensive cyber capabilities, the growing frequency of cyber incidents linked to geopolitical conflicts, and the risk of unintended escalation. The lack of universally accepted norms leads to divergent interpretations of lawful conduct, complicates conflict prevention, and undermines global stability. Hence, DISEC’s 2026 agenda includes this topic to foster consensus on responsible state behavior and to strengthen the international legal framework governing cyberspace in conflict settings.

2. Key Actors

States

• United States: A leading actor in cyber defense and offense, the U.S. advocates for clear international norms that balance security with freedom of the internet, emphasizing the applicability of IHL to cyberspace.
• Russia: Often accused of conducting offensive cyber operations, Russia promotes state sovereignty in cyberspace and resists norms that could constrain its cyber capabilities. It emphasizes non-interference and opposes external regulation of cyberspace.
• China: Focused on cyber sovereignty, China supports norms that allow states to control their domestic internet and reject Western-led cyber governance models. It advocates for peaceful use of cyberspace but maintains robust cyber capabilities.
• European Union: The EU champions the development of responsible state behavior norms, supports confidence-building measures, and promotes the applicability of IHL to cyber operations. It also emphasizes protecting civilian infrastructure.
• Israel: A technologically advanced state with significant cyber capabilities, Israel prioritizes norms that recognize self-defense in cyberspace and the right to respond proportionally to cyberattacks.
• India: Emerging as a key cyber actor, India advocates for a balanced approach that supports international law applicability while ensuring state sovereignty and capacity-building for developing countries.
• Iran and North Korea: Often implicated in offensive cyber operations, these states emphasize resistance to external interference and reject attempts to impose restrictive cyber norms on sovereign states.

International Organizations

• United Nations Office for Disarmament Affairs (UNODA): Facilitates dialogue on cyber security and promotes transparency and confidence-building measures.
• United Nations Group of Governmental Experts (GGE) on Developments in the Field of Information and Telecommunications in the Context of International Security: Key platform for discussing cyber norms and producing consensus reports on responsible state behavior.
• International Committee of the Red Cross (ICRC): Plays a critical role in interpreting and promoting the application of international humanitarian law to cyber operations during armed conflict.
• NATO: Actively develops cyber defense capabilities and advocates for the recognition of cyberattacks as potential triggers for collective defense under Article 5.
• Organization of American States (OAS) and ASEAN: Regional organizations promoting cyber capacity-building and dialogue on norms within their respective regions.

3. Bloc Positions

Western Bloc (United States, EU, Canada, Israel, Japan, Australia)

• Strong advocates for the application of existing international law, especially IHL, to cyber operations in armed conflict.
• Promote transparency, confidence-building measures, and mechanisms for attribution and accountability.
• Support norms that protect civilian infrastructure and critical services from cyberattacks.
• Emphasize the need for cooperation to prevent escalation and maintain open and secure cyberspace.

Russia-China Bloc

• Emphasizes state sovereignty and non-interference in domestic cyberspace governance.
• Skeptical of Western-led initiatives perceived as attempts to impose restrictions on their cyber capabilities.
• Prefer voluntary, non-binding norms and oppose legally binding treaties that could limit state actions.
• Advocate for cyber arms control talks but with a focus on preventing cyber interference in domestic affairs.

Developing States Bloc (India, Brazil, South Africa, Indonesia, African Union members)

• Call for inclusive norm development that considers the interests of developing countries.
• Stress capacity-building, technology transfer, and assistance to improve cyber resilience.
• Support the applicability of international law but seek clarification and guidance on interpretation.
• Cautious about overly restrictive norms that could hinder national development or security.

Rogue/Pariah States (North Korea, Iran, Syria)

• Generally reject international cyber norms initiatives led by Western powers.
• Deny accusations of offensive cyber operations and resist external oversight.
• Emphasize sovereignty and non-interference rhetoric but maintain active cyber programs.
• Often isolated but remain relevant due to their cyber capabilities and regional influence.

4. Past UN Action

• UN GGE Reports (2010, 2013, 2015, 2021): Provided consensus-based recommendations on responsible state behavior in cyberspace, affirming that international law, including the UN Charter and IHL, applies to cyberspace.
• UN General Assembly Resolution 70/237 (2015): Endorsed the consensus report of the 2013 GGE and encouraged states to implement the proposed norms.
• UNGA Resolution 75/240 (2020): Extended the mandate of the GGE and emphasized the need to address emerging challenges in cyberspace, including during armed conflict.
• ICRC Interpretive Guidance (2019): Provided detailed analysis on how IHL applies to cyber operations, emphasizing protection of civilians and civilian objects.
• UN Secretary-General’s Reports on Cybersecurity: Highlighted threats posed by malicious cyber activities and the need for international cooperation on norm development.

5. Questions a Resolution Should Answer

1. How can existing international humanitarian law be clarified or adapted to better regulate cyber operations during armed conflict?
2. What specific norms should govern state behavior to prevent cyberattacks on civilian infrastructure and essential services?
3. How can the international community improve attribution mechanisms and accountability for malicious cyber operations in conflict?
4. What confidence-building measures or transparency initiatives can reduce the risk of cyber escalation between states?
5. How can capacity-building and technical assistance be enhanced to support developing countries in cyber defense and norm implementation?
6. Should there be a framework for cyber arms control or limitations on offensive cyber capabilities during armed conflict?
7. How can cooperation between states, IOs, and non-state actors be strengthened to promote compliance with cyber norms?

6. Further Reading

• UN Documents: Reports of the Group of Governmental Experts on Information Security, General Assembly resolutions on cybersecurity, and ICRC publications on international humanitarian law and cyber operations provide official legal and policy frameworks. These documents are crucial for understanding the current consensus and gaps in international law.
• Think-Tank Reports: Research from institutions such as the Carnegie Endowment for International Peace, the Council on Foreign Relations, and the Stockholm International Peace Research Institute (SIPRI) offers detailed analysis of cyber conflict trends, norm development, and state behavior. These sources provide policy recommendations and scenario-based insights.
• News Outlets and Analytical Media: Reputable international media such as Reuters, The Diplomatic Courier, and specialized cyber security news platforms (e.g., The Cybersecurity Times) report on recent cyber incidents, state responses, and diplomatic negotiations. These sources help track evolving events and geopolitical dynamics relevant to cyber norms.

This background guide aims to equip delegates with a comprehensive understanding of the complexities surrounding cyber norms in armed conflict and to facilitate informed debate on how the international community can advance responsible state behavior in the digital battlefield.